1 /* pkcs11f.h include file for PKCS #11. */ 2 /* $Revision: 1.4 $ */ 3 4 /* License to copy and use this software is granted provided that it is 5 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 6 * (Cryptoki)" in all material mentioning or referencing this software. 7 8 * License is also granted to make and use derivative works provided that 9 * such works are identified as "derived from the RSA Security Inc. PKCS #11 10 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 11 * referencing the derived work. 12 13 * RSA Security Inc. makes no representations concerning either the 14 * merchantability of this software or the suitability of this software for 15 * any particular purpose. It is provided "as is" without express or implied 16 * warranty of any kind. 17 */ 18 19 /* This header file contains pretty much everything about all the */ 20 /* Cryptoki function prototypes. Because this information is */ 21 /* used for more than just declaring function prototypes, the */ 22 /* order of the functions appearing herein is important, and */ 23 /* should not be altered. */ 24 25 /* General-purpose */ 26 27 /* C_Initialize initializes the Cryptoki library. */ 28 CK_PKCS11_FUNCTION_INFO(C_Initialize) 29 #ifdef CK_NEED_ARG_LIST 30 ( 31 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets 32 * cast to CK_C_INITIALIZE_ARGS_PTR 33 * and dereferenced */ 34 ); 35 #endif 36 37 38 /* C_Finalize indicates that an application is done with the 39 * Cryptoki library. */ 40 CK_PKCS11_FUNCTION_INFO(C_Finalize) 41 #ifdef CK_NEED_ARG_LIST 42 ( 43 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ 44 ); 45 #endif 46 47 48 /* C_GetInfo returns general information about Cryptoki. */ 49 CK_PKCS11_FUNCTION_INFO(C_GetInfo) 50 #ifdef CK_NEED_ARG_LIST 51 ( 52 CK_INFO_PTR pInfo /* location that receives information */ 53 ); 54 #endif 55 56 57 /* C_GetFunctionList returns the function list. */ 58 CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) 59 #ifdef CK_NEED_ARG_LIST 60 ( 61 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to 62 * function list */ 63 ); 64 #endif 65 66 67 68 /* Slot and token management */ 69 70 /* C_GetSlotList obtains a list of slots in the system. */ 71 CK_PKCS11_FUNCTION_INFO(C_GetSlotList) 72 #ifdef CK_NEED_ARG_LIST 73 ( 74 CK_BBOOL tokenPresent, /* only slots with tokens? */ 75 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ 76 CK_ULONG_PTR pulCount /* receives number of slots */ 77 ); 78 #endif 79 80 81 /* C_GetSlotInfo obtains information about a particular slot in 82 * the system. */ 83 CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) 84 #ifdef CK_NEED_ARG_LIST 85 ( 86 CK_SLOT_ID slotID, /* the ID of the slot */ 87 CK_SLOT_INFO_PTR pInfo /* receives the slot information */ 88 ); 89 #endif 90 91 92 /* C_GetTokenInfo obtains information about a particular token 93 * in the system. */ 94 CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) 95 #ifdef CK_NEED_ARG_LIST 96 ( 97 CK_SLOT_ID slotID, /* ID of the token's slot */ 98 CK_TOKEN_INFO_PTR pInfo /* receives the token information */ 99 ); 100 #endif 101 102 103 /* C_GetMechanismList obtains a list of mechanism types 104 * supported by a token. */ 105 CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) 106 #ifdef CK_NEED_ARG_LIST 107 ( 108 CK_SLOT_ID slotID, /* ID of token's slot */ 109 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ 110 CK_ULONG_PTR pulCount /* gets # of mechs. */ 111 ); 112 #endif 113 114 115 /* C_GetMechanismInfo obtains information about a particular 116 * mechanism possibly supported by a token. */ 117 CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) 118 #ifdef CK_NEED_ARG_LIST 119 ( 120 CK_SLOT_ID slotID, /* ID of the token's slot */ 121 CK_MECHANISM_TYPE type, /* type of mechanism */ 122 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ 123 ); 124 #endif 125 126 127 /* C_InitToken initializes a token. */ 128 CK_PKCS11_FUNCTION_INFO(C_InitToken) 129 #ifdef CK_NEED_ARG_LIST 130 /* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ 131 ( 132 CK_SLOT_ID slotID, /* ID of the token's slot */ 133 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ 134 CK_ULONG ulPinLen, /* length in bytes of the PIN */ 135 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ 136 ); 137 #endif 138 139 140 /* C_InitPIN initializes the normal user's PIN. */ 141 CK_PKCS11_FUNCTION_INFO(C_InitPIN) 142 #ifdef CK_NEED_ARG_LIST 143 ( 144 CK_SESSION_HANDLE hSession, /* the session's handle */ 145 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ 146 CK_ULONG ulPinLen /* length in bytes of the PIN */ 147 ); 148 #endif 149 150 151 /* C_SetPIN modifies the PIN of the user who is logged in. */ 152 CK_PKCS11_FUNCTION_INFO(C_SetPIN) 153 #ifdef CK_NEED_ARG_LIST 154 ( 155 CK_SESSION_HANDLE hSession, /* the session's handle */ 156 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ 157 CK_ULONG ulOldLen, /* length of the old PIN */ 158 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ 159 CK_ULONG ulNewLen /* length of the new PIN */ 160 ); 161 #endif 162 163 164 165 /* Session management */ 166 167 /* C_OpenSession opens a session between an application and a 168 * token. */ 169 CK_PKCS11_FUNCTION_INFO(C_OpenSession) 170 #ifdef CK_NEED_ARG_LIST 171 ( 172 CK_SLOT_ID slotID, /* the slot's ID */ 173 CK_FLAGS flags, /* from CK_SESSION_INFO */ 174 CK_VOID_PTR pApplication, /* passed to callback */ 175 CK_NOTIFY Notify, /* callback function */ 176 CK_SESSION_HANDLE_PTR phSession /* gets session handle */ 177 ); 178 #endif 179 180 181 /* C_CloseSession closes a session between an application and a 182 * token. */ 183 CK_PKCS11_FUNCTION_INFO(C_CloseSession) 184 #ifdef CK_NEED_ARG_LIST 185 ( 186 CK_SESSION_HANDLE hSession /* the session's handle */ 187 ); 188 #endif 189 190 191 /* C_CloseAllSessions closes all sessions with a token. */ 192 CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) 193 #ifdef CK_NEED_ARG_LIST 194 ( 195 CK_SLOT_ID slotID /* the token's slot */ 196 ); 197 #endif 198 199 200 /* C_GetSessionInfo obtains information about the session. */ 201 CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) 202 #ifdef CK_NEED_ARG_LIST 203 ( 204 CK_SESSION_HANDLE hSession, /* the session's handle */ 205 CK_SESSION_INFO_PTR pInfo /* receives session info */ 206 ); 207 #endif 208 209 210 /* C_GetOperationState obtains the state of the cryptographic operation 211 * in a session. */ 212 CK_PKCS11_FUNCTION_INFO(C_GetOperationState) 213 #ifdef CK_NEED_ARG_LIST 214 ( 215 CK_SESSION_HANDLE hSession, /* session's handle */ 216 CK_BYTE_PTR pOperationState, /* gets state */ 217 CK_ULONG_PTR pulOperationStateLen /* gets state length */ 218 ); 219 #endif 220 221 222 /* C_SetOperationState restores the state of the cryptographic 223 * operation in a session. */ 224 CK_PKCS11_FUNCTION_INFO(C_SetOperationState) 225 #ifdef CK_NEED_ARG_LIST 226 ( 227 CK_SESSION_HANDLE hSession, /* session's handle */ 228 CK_BYTE_PTR pOperationState, /* holds state */ 229 CK_ULONG ulOperationStateLen, /* holds state length */ 230 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ 231 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ 232 ); 233 #endif 234 235 236 /* C_Login logs a user into a token. */ 237 CK_PKCS11_FUNCTION_INFO(C_Login) 238 #ifdef CK_NEED_ARG_LIST 239 ( 240 CK_SESSION_HANDLE hSession, /* the session's handle */ 241 CK_USER_TYPE userType, /* the user type */ 242 CK_UTF8CHAR_PTR pPin, /* the user's PIN */ 243 CK_ULONG ulPinLen /* the length of the PIN */ 244 ); 245 #endif 246 247 248 /* C_Logout logs a user out from a token. */ 249 CK_PKCS11_FUNCTION_INFO(C_Logout) 250 #ifdef CK_NEED_ARG_LIST 251 ( 252 CK_SESSION_HANDLE hSession /* the session's handle */ 253 ); 254 #endif 255 256 257 258 /* Object management */ 259 260 /* C_CreateObject creates a new object. */ 261 CK_PKCS11_FUNCTION_INFO(C_CreateObject) 262 #ifdef CK_NEED_ARG_LIST 263 ( 264 CK_SESSION_HANDLE hSession, /* the session's handle */ 265 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ 266 CK_ULONG ulCount, /* attributes in template */ 267 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ 268 ); 269 #endif 270 271 272 /* C_CopyObject copies an object, creating a new object for the 273 * copy. */ 274 CK_PKCS11_FUNCTION_INFO(C_CopyObject) 275 #ifdef CK_NEED_ARG_LIST 276 ( 277 CK_SESSION_HANDLE hSession, /* the session's handle */ 278 CK_OBJECT_HANDLE hObject, /* the object's handle */ 279 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ 280 CK_ULONG ulCount, /* attributes in template */ 281 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ 282 ); 283 #endif 284 285 286 /* C_DestroyObject destroys an object. */ 287 CK_PKCS11_FUNCTION_INFO(C_DestroyObject) 288 #ifdef CK_NEED_ARG_LIST 289 ( 290 CK_SESSION_HANDLE hSession, /* the session's handle */ 291 CK_OBJECT_HANDLE hObject /* the object's handle */ 292 ); 293 #endif 294 295 296 /* C_GetObjectSize gets the size of an object in bytes. */ 297 CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) 298 #ifdef CK_NEED_ARG_LIST 299 ( 300 CK_SESSION_HANDLE hSession, /* the session's handle */ 301 CK_OBJECT_HANDLE hObject, /* the object's handle */ 302 CK_ULONG_PTR pulSize /* receives size of object */ 303 ); 304 #endif 305 306 307 /* C_GetAttributeValue obtains the value of one or more object 308 * attributes. */ 309 CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) 310 #ifdef CK_NEED_ARG_LIST 311 ( 312 CK_SESSION_HANDLE hSession, /* the session's handle */ 313 CK_OBJECT_HANDLE hObject, /* the object's handle */ 314 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ 315 CK_ULONG ulCount /* attributes in template */ 316 ); 317 #endif 318 319 320 /* C_SetAttributeValue modifies the value of one or more object 321 * attributes */ 322 CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) 323 #ifdef CK_NEED_ARG_LIST 324 ( 325 CK_SESSION_HANDLE hSession, /* the session's handle */ 326 CK_OBJECT_HANDLE hObject, /* the object's handle */ 327 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ 328 CK_ULONG ulCount /* attributes in template */ 329 ); 330 #endif 331 332 333 /* C_FindObjectsInit initializes a search for token and session 334 * objects that match a template. */ 335 CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) 336 #ifdef CK_NEED_ARG_LIST 337 ( 338 CK_SESSION_HANDLE hSession, /* the session's handle */ 339 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ 340 CK_ULONG ulCount /* attrs in search template */ 341 ); 342 #endif 343 344 345 /* C_FindObjects continues a search for token and session 346 * objects that match a template, obtaining additional object 347 * handles. */ 348 CK_PKCS11_FUNCTION_INFO(C_FindObjects) 349 #ifdef CK_NEED_ARG_LIST 350 ( 351 CK_SESSION_HANDLE hSession, /* session's handle */ 352 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ 353 CK_ULONG ulMaxObjectCount, /* max handles to get */ 354 CK_ULONG_PTR pulObjectCount /* actual # returned */ 355 ); 356 #endif 357 358 359 /* C_FindObjectsFinal finishes a search for token and session 360 * objects. */ 361 CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) 362 #ifdef CK_NEED_ARG_LIST 363 ( 364 CK_SESSION_HANDLE hSession /* the session's handle */ 365 ); 366 #endif 367 368 369 370 /* Encryption and decryption */ 371 372 /* C_EncryptInit initializes an encryption operation. */ 373 CK_PKCS11_FUNCTION_INFO(C_EncryptInit) 374 #ifdef CK_NEED_ARG_LIST 375 ( 376 CK_SESSION_HANDLE hSession, /* the session's handle */ 377 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ 378 CK_OBJECT_HANDLE hKey /* handle of encryption key */ 379 ); 380 #endif 381 382 383 /* C_Encrypt encrypts single-part data. */ 384 CK_PKCS11_FUNCTION_INFO(C_Encrypt) 385 #ifdef CK_NEED_ARG_LIST 386 ( 387 CK_SESSION_HANDLE hSession, /* session's handle */ 388 CK_BYTE_PTR pData, /* the plaintext data */ 389 CK_ULONG ulDataLen, /* bytes of plaintext */ 390 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ 391 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ 392 ); 393 #endif 394 395 396 /* C_EncryptUpdate continues a multiple-part encryption 397 * operation. */ 398 CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) 399 #ifdef CK_NEED_ARG_LIST 400 ( 401 CK_SESSION_HANDLE hSession, /* session's handle */ 402 CK_BYTE_PTR pPart, /* the plaintext data */ 403 CK_ULONG ulPartLen, /* plaintext data len */ 404 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 405 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ 406 ); 407 #endif 408 409 410 /* C_EncryptFinal finishes a multiple-part encryption 411 * operation. */ 412 CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) 413 #ifdef CK_NEED_ARG_LIST 414 ( 415 CK_SESSION_HANDLE hSession, /* session handle */ 416 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ 417 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ 418 ); 419 #endif 420 421 422 /* C_DecryptInit initializes a decryption operation. */ 423 CK_PKCS11_FUNCTION_INFO(C_DecryptInit) 424 #ifdef CK_NEED_ARG_LIST 425 ( 426 CK_SESSION_HANDLE hSession, /* the session's handle */ 427 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ 428 CK_OBJECT_HANDLE hKey /* handle of decryption key */ 429 ); 430 #endif 431 432 433 /* C_Decrypt decrypts encrypted data in a single part. */ 434 CK_PKCS11_FUNCTION_INFO(C_Decrypt) 435 #ifdef CK_NEED_ARG_LIST 436 ( 437 CK_SESSION_HANDLE hSession, /* session's handle */ 438 CK_BYTE_PTR pEncryptedData, /* ciphertext */ 439 CK_ULONG ulEncryptedDataLen, /* ciphertext length */ 440 CK_BYTE_PTR pData, /* gets plaintext */ 441 CK_ULONG_PTR pulDataLen /* gets p-text size */ 442 ); 443 #endif 444 445 446 /* C_DecryptUpdate continues a multiple-part decryption 447 * operation. */ 448 CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) 449 #ifdef CK_NEED_ARG_LIST 450 ( 451 CK_SESSION_HANDLE hSession, /* session's handle */ 452 CK_BYTE_PTR pEncryptedPart, /* encrypted data */ 453 CK_ULONG ulEncryptedPartLen, /* input length */ 454 CK_BYTE_PTR pPart, /* gets plaintext */ 455 CK_ULONG_PTR pulPartLen /* p-text size */ 456 ); 457 #endif 458 459 460 /* C_DecryptFinal finishes a multiple-part decryption 461 * operation. */ 462 CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) 463 #ifdef CK_NEED_ARG_LIST 464 ( 465 CK_SESSION_HANDLE hSession, /* the session's handle */ 466 CK_BYTE_PTR pLastPart, /* gets plaintext */ 467 CK_ULONG_PTR pulLastPartLen /* p-text size */ 468 ); 469 #endif 470 471 472 473 /* Message digesting */ 474 475 /* C_DigestInit initializes a message-digesting operation. */ 476 CK_PKCS11_FUNCTION_INFO(C_DigestInit) 477 #ifdef CK_NEED_ARG_LIST 478 ( 479 CK_SESSION_HANDLE hSession, /* the session's handle */ 480 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ 481 ); 482 #endif 483 484 485 /* C_Digest digests data in a single part. */ 486 CK_PKCS11_FUNCTION_INFO(C_Digest) 487 #ifdef CK_NEED_ARG_LIST 488 ( 489 CK_SESSION_HANDLE hSession, /* the session's handle */ 490 CK_BYTE_PTR pData, /* data to be digested */ 491 CK_ULONG ulDataLen, /* bytes of data to digest */ 492 CK_BYTE_PTR pDigest, /* gets the message digest */ 493 CK_ULONG_PTR pulDigestLen /* gets digest length */ 494 ); 495 #endif 496 497 498 /* C_DigestUpdate continues a multiple-part message-digesting 499 * operation. */ 500 CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) 501 #ifdef CK_NEED_ARG_LIST 502 ( 503 CK_SESSION_HANDLE hSession, /* the session's handle */ 504 CK_BYTE_PTR pPart, /* data to be digested */ 505 CK_ULONG ulPartLen /* bytes of data to be digested */ 506 ); 507 #endif 508 509 510 /* C_DigestKey continues a multi-part message-digesting 511 * operation, by digesting the value of a secret key as part of 512 * the data already digested. */ 513 CK_PKCS11_FUNCTION_INFO(C_DigestKey) 514 #ifdef CK_NEED_ARG_LIST 515 ( 516 CK_SESSION_HANDLE hSession, /* the session's handle */ 517 CK_OBJECT_HANDLE hKey /* secret key to digest */ 518 ); 519 #endif 520 521 522 /* C_DigestFinal finishes a multiple-part message-digesting 523 * operation. */ 524 CK_PKCS11_FUNCTION_INFO(C_DigestFinal) 525 #ifdef CK_NEED_ARG_LIST 526 ( 527 CK_SESSION_HANDLE hSession, /* the session's handle */ 528 CK_BYTE_PTR pDigest, /* gets the message digest */ 529 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ 530 ); 531 #endif 532 533 534 535 /* Signing and MACing */ 536 537 /* C_SignInit initializes a signature (private key encryption) 538 * operation, where the signature is (will be) an appendix to 539 * the data, and plaintext cannot be recovered from the 540 *signature. */ 541 CK_PKCS11_FUNCTION_INFO(C_SignInit) 542 #ifdef CK_NEED_ARG_LIST 543 ( 544 CK_SESSION_HANDLE hSession, /* the session's handle */ 545 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 546 CK_OBJECT_HANDLE hKey /* handle of signature key */ 547 ); 548 #endif 549 550 551 /* C_Sign signs (encrypts with private key) data in a single 552 * part, where the signature is (will be) an appendix to the 553 * data, and plaintext cannot be recovered from the signature. */ 554 CK_PKCS11_FUNCTION_INFO(C_Sign) 555 #ifdef CK_NEED_ARG_LIST 556 ( 557 CK_SESSION_HANDLE hSession, /* the session's handle */ 558 CK_BYTE_PTR pData, /* the data to sign */ 559 CK_ULONG ulDataLen, /* count of bytes to sign */ 560 CK_BYTE_PTR pSignature, /* gets the signature */ 561 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 562 ); 563 #endif 564 565 566 /* C_SignUpdate continues a multiple-part signature operation, 567 * where the signature is (will be) an appendix to the data, 568 * and plaintext cannot be recovered from the signature. */ 569 CK_PKCS11_FUNCTION_INFO(C_SignUpdate) 570 #ifdef CK_NEED_ARG_LIST 571 ( 572 CK_SESSION_HANDLE hSession, /* the session's handle */ 573 CK_BYTE_PTR pPart, /* the data to sign */ 574 CK_ULONG ulPartLen /* count of bytes to sign */ 575 ); 576 #endif 577 578 579 /* C_SignFinal finishes a multiple-part signature operation, 580 * returning the signature. */ 581 CK_PKCS11_FUNCTION_INFO(C_SignFinal) 582 #ifdef CK_NEED_ARG_LIST 583 ( 584 CK_SESSION_HANDLE hSession, /* the session's handle */ 585 CK_BYTE_PTR pSignature, /* gets the signature */ 586 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 587 ); 588 #endif 589 590 591 /* C_SignRecoverInit initializes a signature operation, where 592 * the data can be recovered from the signature. */ 593 CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) 594 #ifdef CK_NEED_ARG_LIST 595 ( 596 CK_SESSION_HANDLE hSession, /* the session's handle */ 597 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 598 CK_OBJECT_HANDLE hKey /* handle of the signature key */ 599 ); 600 #endif 601 602 603 /* C_SignRecover signs data in a single operation, where the 604 * data can be recovered from the signature. */ 605 CK_PKCS11_FUNCTION_INFO(C_SignRecover) 606 #ifdef CK_NEED_ARG_LIST 607 ( 608 CK_SESSION_HANDLE hSession, /* the session's handle */ 609 CK_BYTE_PTR pData, /* the data to sign */ 610 CK_ULONG ulDataLen, /* count of bytes to sign */ 611 CK_BYTE_PTR pSignature, /* gets the signature */ 612 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 613 ); 614 #endif 615 616 617 618 /* Verifying signatures and MACs */ 619 620 /* C_VerifyInit initializes a verification operation, where the 621 * signature is an appendix to the data, and plaintext cannot 622 * cannot be recovered from the signature (e.g. DSA). */ 623 CK_PKCS11_FUNCTION_INFO(C_VerifyInit) 624 #ifdef CK_NEED_ARG_LIST 625 ( 626 CK_SESSION_HANDLE hSession, /* the session's handle */ 627 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 628 CK_OBJECT_HANDLE hKey /* verification key */ 629 ); 630 #endif 631 632 633 /* C_Verify verifies a signature in a single-part operation, 634 * where the signature is an appendix to the data, and plaintext 635 * cannot be recovered from the signature. */ 636 CK_PKCS11_FUNCTION_INFO(C_Verify) 637 #ifdef CK_NEED_ARG_LIST 638 ( 639 CK_SESSION_HANDLE hSession, /* the session's handle */ 640 CK_BYTE_PTR pData, /* signed data */ 641 CK_ULONG ulDataLen, /* length of signed data */ 642 CK_BYTE_PTR pSignature, /* signature */ 643 CK_ULONG ulSignatureLen /* signature length*/ 644 ); 645 #endif 646 647 648 /* C_VerifyUpdate continues a multiple-part verification 649 * operation, where the signature is an appendix to the data, 650 * and plaintext cannot be recovered from the signature. */ 651 CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) 652 #ifdef CK_NEED_ARG_LIST 653 ( 654 CK_SESSION_HANDLE hSession, /* the session's handle */ 655 CK_BYTE_PTR pPart, /* signed data */ 656 CK_ULONG ulPartLen /* length of signed data */ 657 ); 658 #endif 659 660 661 /* C_VerifyFinal finishes a multiple-part verification 662 * operation, checking the signature. */ 663 CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) 664 #ifdef CK_NEED_ARG_LIST 665 ( 666 CK_SESSION_HANDLE hSession, /* the session's handle */ 667 CK_BYTE_PTR pSignature, /* signature to verify */ 668 CK_ULONG ulSignatureLen /* signature length */ 669 ); 670 #endif 671 672 673 /* C_VerifyRecoverInit initializes a signature verification 674 * operation, where the data is recovered from the signature. */ 675 CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) 676 #ifdef CK_NEED_ARG_LIST 677 ( 678 CK_SESSION_HANDLE hSession, /* the session's handle */ 679 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 680 CK_OBJECT_HANDLE hKey /* verification key */ 681 ); 682 #endif 683 684 685 /* C_VerifyRecover verifies a signature in a single-part 686 * operation, where the data is recovered from the signature. */ 687 CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) 688 #ifdef CK_NEED_ARG_LIST 689 ( 690 CK_SESSION_HANDLE hSession, /* the session's handle */ 691 CK_BYTE_PTR pSignature, /* signature to verify */ 692 CK_ULONG ulSignatureLen, /* signature length */ 693 CK_BYTE_PTR pData, /* gets signed data */ 694 CK_ULONG_PTR pulDataLen /* gets signed data len */ 695 ); 696 #endif 697 698 699 700 /* Dual-function cryptographic operations */ 701 702 /* C_DigestEncryptUpdate continues a multiple-part digesting 703 * and encryption operation. */ 704 CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) 705 #ifdef CK_NEED_ARG_LIST 706 ( 707 CK_SESSION_HANDLE hSession, /* session's handle */ 708 CK_BYTE_PTR pPart, /* the plaintext data */ 709 CK_ULONG ulPartLen, /* plaintext length */ 710 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 711 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 712 ); 713 #endif 714 715 716 /* C_DecryptDigestUpdate continues a multiple-part decryption and 717 * digesting operation. */ 718 CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) 719 #ifdef CK_NEED_ARG_LIST 720 ( 721 CK_SESSION_HANDLE hSession, /* session's handle */ 722 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 723 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 724 CK_BYTE_PTR pPart, /* gets plaintext */ 725 CK_ULONG_PTR pulPartLen /* gets plaintext len */ 726 ); 727 #endif 728 729 730 /* C_SignEncryptUpdate continues a multiple-part signing and 731 * encryption operation. */ 732 CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) 733 #ifdef CK_NEED_ARG_LIST 734 ( 735 CK_SESSION_HANDLE hSession, /* session's handle */ 736 CK_BYTE_PTR pPart, /* the plaintext data */ 737 CK_ULONG ulPartLen, /* plaintext length */ 738 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 739 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 740 ); 741 #endif 742 743 744 /* C_DecryptVerifyUpdate continues a multiple-part decryption and 745 * verify operation. */ 746 CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) 747 #ifdef CK_NEED_ARG_LIST 748 ( 749 CK_SESSION_HANDLE hSession, /* session's handle */ 750 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 751 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 752 CK_BYTE_PTR pPart, /* gets plaintext */ 753 CK_ULONG_PTR pulPartLen /* gets p-text length */ 754 ); 755 #endif 756 757 758 759 /* Key management */ 760 761 /* C_GenerateKey generates a secret key, creating a new key 762 * object. */ 763 CK_PKCS11_FUNCTION_INFO(C_GenerateKey) 764 #ifdef CK_NEED_ARG_LIST 765 ( 766 CK_SESSION_HANDLE hSession, /* the session's handle */ 767 CK_MECHANISM_PTR pMechanism, /* key generation mech. */ 768 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ 769 CK_ULONG ulCount, /* # of attrs in template */ 770 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ 771 ); 772 #endif 773 774 775 /* C_GenerateKeyPair generates a public-key/private-key pair, 776 * creating new key objects. */ 777 CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) 778 #ifdef CK_NEED_ARG_LIST 779 ( 780 CK_SESSION_HANDLE hSession, /* session 781 * handle */ 782 CK_MECHANISM_PTR pMechanism, /* key-gen 783 * mech. */ 784 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template 785 * for pub. 786 * key */ 787 CK_ULONG ulPublicKeyAttributeCount, /* # pub. 788 * attrs. */ 789 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template 790 * for priv. 791 * key */ 792 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. 793 * attrs. */ 794 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. 795 * key 796 * handle */ 797 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets 798 * priv. key 799 * handle */ 800 ); 801 #endif 802 803 804 /* C_WrapKey wraps (i.e., encrypts) a key. */ 805 CK_PKCS11_FUNCTION_INFO(C_WrapKey) 806 #ifdef CK_NEED_ARG_LIST 807 ( 808 CK_SESSION_HANDLE hSession, /* the session's handle */ 809 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ 810 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ 811 CK_OBJECT_HANDLE hKey, /* key to be wrapped */ 812 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ 813 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ 814 ); 815 #endif 816 817 818 /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 819 * key object. */ 820 CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) 821 #ifdef CK_NEED_ARG_LIST 822 ( 823 CK_SESSION_HANDLE hSession, /* session's handle */ 824 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ 825 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ 826 CK_BYTE_PTR pWrappedKey, /* the wrapped key */ 827 CK_ULONG ulWrappedKeyLen, /* wrapped key len */ 828 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 829 CK_ULONG ulAttributeCount, /* template length */ 830 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 831 ); 832 #endif 833 834 835 /* C_DeriveKey derives a key from a base key, creating a new key 836 * object. */ 837 CK_PKCS11_FUNCTION_INFO(C_DeriveKey) 838 #ifdef CK_NEED_ARG_LIST 839 ( 840 CK_SESSION_HANDLE hSession, /* session's handle */ 841 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ 842 CK_OBJECT_HANDLE hBaseKey, /* base key */ 843 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 844 CK_ULONG ulAttributeCount, /* template length */ 845 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 846 ); 847 #endif 848 849 850 851 /* Random number generation */ 852 853 /* C_SeedRandom mixes additional seed material into the token's 854 * random number generator. */ 855 CK_PKCS11_FUNCTION_INFO(C_SeedRandom) 856 #ifdef CK_NEED_ARG_LIST 857 ( 858 CK_SESSION_HANDLE hSession, /* the session's handle */ 859 CK_BYTE_PTR pSeed, /* the seed material */ 860 CK_ULONG ulSeedLen /* length of seed material */ 861 ); 862 #endif 863 864 865 /* C_GenerateRandom generates random data. */ 866 CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) 867 #ifdef CK_NEED_ARG_LIST 868 ( 869 CK_SESSION_HANDLE hSession, /* the session's handle */ 870 CK_BYTE_PTR RandomData, /* receives the random data */ 871 CK_ULONG ulRandomLen /* # of bytes to generate */ 872 ); 873 #endif 874 875 876 877 /* Parallel function management */ 878 879 /* C_GetFunctionStatus is a legacy function; it obtains an 880 * updated status of a function running in parallel with an 881 * application. */ 882 CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) 883 #ifdef CK_NEED_ARG_LIST 884 ( 885 CK_SESSION_HANDLE hSession /* the session's handle */ 886 ); 887 #endif 888 889 890 /* C_CancelFunction is a legacy function; it cancels a function 891 * running in parallel. */ 892 CK_PKCS11_FUNCTION_INFO(C_CancelFunction) 893 #ifdef CK_NEED_ARG_LIST 894 ( 895 CK_SESSION_HANDLE hSession /* the session's handle */ 896 ); 897 #endif 898 899 900 901 /* Functions added in for Cryptoki Version 2.01 or later */ 902 903 /* C_WaitForSlotEvent waits for a slot event (token insertion, 904 * removal, etc.) to occur. */ 905 CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) 906 #ifdef CK_NEED_ARG_LIST 907 ( 908 CK_FLAGS flags, /* blocking/nonblocking flag */ 909 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ 910 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ 911 ); 912 #endif 913